GENERATE CSR FOR SILVERSTREAM WEBSERVER

 

Problem

Generate CSR for Silverstream 3.5

Resolution

Note:In the interest of better security and the enablement of greater trust, we have decided that 1024-bit keys will now be the minimum strength used in the issuance of Thawte digital certificates.

For instructions on how to generate a private key and CSR for Silverstream , go to the folllowing link:

  1. Run the SilverStream AgDigitalIDStep1 program to generate a CSR and private key (PKCS8 password protected).
  2. Goto a CA and submit the CSR. 
  3. Get the X.509 Certificate in Base64 encoded format from the CA
  4. Run the SilverStream AgDigitalIDStep2 program to upload the Certificate and the private key to SilverServer.
  5. Restart SilverServer to make SSL port active.

There is a configuration (httpd.props) setting that will allow you to change which CN (certificate domain name) the server will look for. You are allowed multiple certificates (with different CN) to be uploaded to the server, since they are stored in the master dB that all servers in a SilverStream Cluster use. Each server will then use the CN that matches it.

Generating a CSR using Novel Silverstream

A CSR is a file containing your certificate application information, including your Public Key. Generate your CSR and then copy and paste the CSR file into the webform in the enrollment process:

Generate keys and Certificate Signing Request:

  • Start the SMC and select the Security icon from the toolbar
  • Select Certificates
  • Select the RSA tab
  • Choose Generate Request
  • Complete the items on the panel
  • The Server DNS Name field should be the Fully Qualified  Name(FQDN) or the web address for which you plan to use your Certificate, e.g. the area of your site you wish customers to connect to using SSL. For example, an SSL Certificate issued for domain.com will not be valid for secure.domain.com. If the web address to be used for SSL is secure.domain.com, ensure that the common name submitted in the CSR is secure.domain.com.
  • Click Next
  • The following panel allows you to specify the size of the key pair to generate - Select 1024 and click Next
  • If prompted, specify the size of the key pair to generate
  • Click Next
  • The following panel shows the paths for the CSR (Certificate Signing Request). You may edit these paths if you choose. You will use this information later when installing the certificate
  • Click Next 
  • You may click Copy CSR to Clipboard to copy the contents of the CSR and paste into our web form
  • Click Finish
Byla tato odpověď nápomocná? 0 Uživatelům pomohlo (0 Hlasů)

Související články

CREATE A CERTIFICATE SIGNING REQUEST (CSR) FOR O'REILLY WEBSITE PROFESSIONAL SERVER

  Problem How to Generate a csr for an O'Reilly WebSite Professional Server How do I generate...

 CREATE A CERTIFICATE SIGNING REQUEST (CSR) FOR O'REILLY WEBSITE PROFESSIONAL SERVER

  Problem How to Generate a csr for an O'Reilly WebSite Professional Server How do I generate...

 GENERATE A CERTIFICATE SIGNING REQUEST (CSR) FOR BEA WEBLOGIC SERVER 5

  Resolution To generate a CSR for BEA Weblogic Server 5.0 follow the instructions below:...

 GENERATE A CERTIFICATE SIGNING REQUEST (CSR) FOR IBM HTTP SERVER

  Problem How to generate a csr for IBM HTTP Server How do I generate a csr for IBM HTTP...

 GENERATE A CERTIFICATE SIGNING REQUEST (CSR) FOR JETTY JAVA HTTP SERVLET WEB SERVER

  Resolution NOTE: A key length of 1024 bit is the default, but Thawte recommends the use of a...